On Mon, 12 Feb 2018, Valery Smyslov wrote:
This is one particular implementation peculiarity, there
will be others that behave oddly. The point is, if we introduce a new
Transform Type, it is very likely that backward compatibility can no
longer be achieved.

Again, it depends. If the majority of implementations immediately crash once
they receive an unknown transform, then I agree that we need another mechanism...
Most other cases usually can be dealt with. Probably not all and probably
not as elegantly as we wish, but still I believe they can.

We still have plenty of time to get the word out to those
implementations to fix their problem. By the time we have a
document ready for post quantum transforms, those implementations
should have been fixed. It's a little early now to deem this
an unsurmountable problem.

I prefer to reuse existing code for this and I see no reason why it cannot be
IPsec mailing list